blog dds

2013.06.19

How to Create Your Own Git Server

Although I'm a happy (also paying) user of GitHub's offerings,
there are times when I prefer to host a private repository
on a server I control.
Setting up your own Git server can be useful
if you're isolated from the public internet,
if you're subject to inflexible regulations,
or if you simply want features different from those offered by GitHub
(and other similar providers).
Setting up a Git server on a Unix (Linux, Mac OS X, *BSD, Solaris, AIX)
machine isn't difficult,
but there are many details to observe.
Here is a complete guide.

Through the following steps you can setup and use your own
Git server at a server, say myhost.example.com.
Some of the steps,
like email notifications, users with a restricted shell, and
access control for a particular group,
are optional depending on your requirements and the situation at hand.
For many of the commands you will need administrator (root) privileges,
so prefix them with sudo or (heaven forbid) run them
from within a root shell.

Create a group for those who will have read/write access to the repository.
Depending on your operating system you can do this using the
groupadd command, using vigr to edit
the group file, or editing directly the file /etc/group.
In the end you want to have a line like the following in the
/etc/group file.

repogroup:*:10005:marry,john,violet

where
repogroup is the name of the group that will get access to the
specific repository,
10005 is a unique group identification number,
and marry,john,violet are the user identifiers of people
that will get access to the repository.

Decide the directory where the git repositories will be located.
This can be under your home directory (e.g. /home/yourname/gitroot)
or in a dedicated directory
(e.g. /var/gitroot).

Configure permissions so that git users can access that directory

chmod g+rx /path-to/gitroot
chown :grouprepo /path-to/gitroot

Create the new Git repository, say newrepo.

cd /path-to/gitroot
git init --bare newrepo.git

Setup the directory's permissions to allow and propagate group access,
and configure Git accordingly.

Change user accounts to use a restricted shell.
If you want the users you added to use your system only for Git,
and not for general-purpose Unix processing,
then set up their accounts to use Git's restricted shell.
Git provides such a restricted shell crafted exactly for the purpose
of running only its server-end part.
It is usually installed in
/usr/libexec/git-core/git-shell
or
/usr/local/libexec/git-core/git-shell.
Therefore, for each user you want to offer restricted access run a command
like the following.

sudo chsh -s /usr/libexec/git-core/git-shell username

Ask your users to clone the repository using a command like the following.